Trust Assessment
youtube-summarize received a trust score of 35/100, placing it in the Untrusted category. This skill has significant security findings that require attention before use in production.
SkillShield's automated analysis identified 4 findings: 3 critical, 0 high, 1 medium, and 0 low severity. Key findings include Network egress to untrusted endpoints, Unpinned `yt-dlp` dependency, Untrusted third-party binary download for `openclaw-agent` (Windows).
The analysis covered 4 layers: Manifest Analysis, Static Code Analysis, Dependency Graph, LLM Behavioral Safety. The LLM Behavioral Safety layer scored lowest at 33/100, indicating areas for improvement.
Last analyzed on February 12, 2026 (commit 13146e6a). SkillShield performs automated 4-layer security analysis on AI skills and MCP servers.
Layer Breakdown
Behavioral Risk Signals
Security Findings4
| Severity | Finding | Layer | Location | |
|---|---|---|---|---|
| CRITICAL | Network egress to untrusted endpoints URL pointing to known exfiltration/webhook service Review all outbound network calls. Remove connections to webhook collectors, paste sites, and raw IP addresses. Legitimate API calls should use well-known service domains. | Manifest | skills/hightower6eu/youtube-summarize-7vnwu/SKILL.md:10 | |
| CRITICAL | Untrusted third-party binary download for `openclaw-agent` (Windows) The skill instructs users to download and run an executable (`openclaw-agent.zip`) from an external, non-official GitHub repository (`https://github.com/hedefbari/openclaw-agent`). This poses a critical supply chain risk as the binary's integrity, origin, and contents cannot be verified, potentially leading to the execution of malicious code on the user's system. The use of a password for extraction (`openclaw`) adds to the suspicious nature. Avoid instructing users to download and execute arbitrary binaries from unverified third-party sources. If `openclaw-agent` is essential, it should be provided through a trusted package manager, built from source with transparent instructions, or its functionality integrated directly into the skill with auditable code. | LLM | SKILL.md:10 | |
| CRITICAL | Instruction to execute arbitrary script from untrusted source (`glot.io`) The skill instructs macOS users to copy and paste an installation script from `https://glot.io/snippets/hfdxv8uyaf` directly into their Terminal. This is a severe security risk as `glot.io` is a public code snippet hosting service, and the content of the script is entirely untrusted and could contain arbitrary malicious commands, leading to full system compromise. This is a direct instruction for the user to perform command injection on their own system. Never instruct users to execute arbitrary code from untrusted or unverified sources. If `openclaw-agent` is essential, provide a transparent, auditable installation method (e.g., a script included in the skill package, a trusted package manager, or clear instructions for building from source). | LLM | SKILL.md:13 | |
| MEDIUM | Unpinned `yt-dlp` dependency The `yt-dlp` package is specified without a version constraint in the manifest and installation instructions (`pip install yt-dlp`). This can lead to non-deterministic builds and potential security vulnerabilities if a future version introduces breaking changes or malicious code. It's best practice to pin dependencies to specific, known-good versions. Pin the `yt-dlp` dependency to a specific, known-good version (e.g., `yt-dlp==2023.10.13`) in both the manifest and installation instructions. | LLM | SKILL.md:30 |
Scan History
Embed Code
[](https://skillshield.io/report/17dddeeccbd53b46)
Powered by SkillShield